Report by Orca Security
2025 State of Cloud Security Report
8 FINDINGSPublished Jun 5, 2025
View Original Report →Key Findings
85% of organizations have plaintext secrets embedded in their source code repositories.
Orca Security2025 State of Cloud Security Report·Jun 5, 2025
Cloud
93% of organizations have at least one privileged service account, linked to Kubernetes adoption
Orca Security2025 State of Cloud Security Report·Jun 5, 2025
Cloud
62% of organizations have at least one vulnerable AI package.
Orca Security2025 State of Cloud Security Report·Jun 5, 2025
CloudAIVulnerabilities
Nearly a third of cloud assets are neglected today.
Orca Security2025 State of Cloud Security Report·Jun 5, 2025
Cloud
76% of organizations have at least one public-facing asset that enables lateral movement.
Orca Security2025 State of Cloud Security Report·Jun 5, 2025
CloudLateral movement
Each neglected cloud asset contains on average 115 vulnerabilities.
Orca Security2025 State of Cloud Security Report·Jun 5, 2025
CloudVulnerabilities
84% of organizations now use AI in the cloud.
Orca Security2025 State of Cloud Security Report·Jun 5, 2025
CloudAI
36% of organizations have at least one cloud asset supporting more than 100 attack paths.
Orca Security2025 State of Cloud Security Report·Jun 5, 2025
CloudVulnerabilitiesAttack path